CNNVD-202506-2610 Information

CNNVD ID

CNNVD-202506-2610

Related CVE

CVE-2025-6280

• CNNVD Published: 2025-06-19

Description (Chinese)

SuperAGI是SuperAGI开源的一个开源基础设施应用程序。用于构建组件、工具、框架和模型以实现开源 AGI。 SuperAGI 0.0.14及之前版本存在路径遍历漏洞，该漏洞源于组件EmailToolKit中文件SuperAGI/superagi/helper/read_email.py函数download_attachment存在路径遍历。

Description (English)

SuperAGI is an open source infrastructure application for SuperAGI open source. For building components, tools, frameworks and models to achieve open source AGI. SuperAGI 0.014 and previous versions have path-to-path loopholes, which stem from the existence of the SuperAGI/suberagi/helper/read email.py function of component EmailToolKit.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

Supersmart

Published

2025-06-19

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2025-6280 https://nvd.nist.gov/vuln/detail/CVE-2025-6280